#1
Melody Auth
Turnkey OAuth 2.0/OIDC authentication system with admin panel, REST APIs, RBAC, MFA, social login, and flexible deployment on Cloudflare Workers or Node.js.
Melody Auth is a turnkey OAuth 2.0 and authentication system you can run on Cloudflare Workers (with D1 and KV) or self-host on Node.js with Redis and PostgreSQL. It provides a complete auth server, management UI, and developer-facing APIs and SDKs for integrating secure login flows into applications.
Key Features
- OAuth 2.0 flows including authorization, token exchange, refresh token revoke, scopes, consent, and user info retrieval
- OpenID Connect support (discovery/openid configuration) and JWT/JWKS-based authentication with key rotation
- Multi-factor authentication options including email/OTP/SMS, passkeys, recovery codes, and “remember device”
- External identity providers including social login (Google, GitHub, Discord, Apple, etc.) and OIDC providers; SAML SSO in Node.js deployments
- Role-based access control (RBAC), user attributes, account linking, organizations and groups
- Admin panel for managing users, apps, roles/scopes, organizations, IdPs, and logs (including impersonation)
- Server-to-server REST API plus embedded auth API and frontend SDKs for web, React, Angular, and Vue
- Brute-force protection and security-focused logging for sign-in and verification flows
Use Cases
- Ship OAuth/OIDC authentication for new products with a built-in admin console
- Add MFA, passkeys, and social login to existing apps without building auth from scratch
- Run an internal identity provider for multiple apps with RBAC, org/group management, and audit-friendly logs
Melody Auth is well-suited for teams that want a complete, customizable auth stack with minimal operational overhead on the edge or full control in a traditional server deployment.
580stars
53forks